[SECURITY] Fedora 35 Update: xz-5.2.5-9.fc35

XZ Utils are an attempt to make LZMA compression easy to use on free as in freedom operating systems. This is achieved by providing tools and libraries which are similar to use than the equivalents of the most popular existing compression algorithms. LZMA is a general purpose compression algorith...

[SECURITY] Fedora 35 Update: wavpack-5.4.0-5.fc35

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...

[SECURITY] Fedora 34 Update: wavpack-5.4.0-5.fc34

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...

Fedora: Security Advisory for gzip (FEDORA-2022-6746dde2a0)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: gzip-1.10-6.fc35

The gzip package contains the popular GNU gzip data compression program. Gzipped files have a .gz extension. Gzip should be installed on your system, because it is a very commonly used data compression program...

Memory Corruption Vulnerability in 2345 GoodPress (CNVD-2022-38914)

2345 GoodPress is a free decompression software. A memory corruption vulnerability exists in 2345 GoodPress, which can be exploited by an attacker to cause a local software crash...

USN-5378-2: XZ Utils vulnerability

Cleemy Desu Wayo discovered that XZ Utils incorrectly handled certain filenames. If a user or automated system were tricked into performing xzgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files...

Frequently Overlooked Settings to Improve Graphics Performance for XenApp, XenDesktop, Receiver Technologies

This article provides an overview of frequently overlooked or misconfigured settings that can be used to enhance graphics performance in XenDesktop, XenApp, and the Citrix Receiver. Background Throughout the life of XenApp and XenDesktop, the combination of many factors such as the architecture o...

Out-of-bounds read vulnerability in libarchive

libarchive is a multi-format archive and compression library. An out-of-bounds read vulnerability exists in libarchive, which can be exploited by an attacker to cause an out-of-bounds read...

[SECURITY] [DLA 2976-1] gzip security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2976-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta April 10, 2022 https://wiki.debian.org/LTS -...

ulikunitz/xz: Infinite loop in readUvarint allows for denial of service

A flaw was found in github.com/ulikunitz/xz. The function readUvarint may not terminate a loop what could lead to denial of service DoS...

FreeBSD : FreeBSD -- zlib compression out-of-bounds write (38f2e3a0-b61e-11ec-9ebc-1c697aa5a594)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 38f2e3a0-b61e-11ec-9ebc-1c697aa5a594 advisory. - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has ma...

FreeBSD -- zlib compression out-of-bounds write

Problem Description: Certain inputs can cause zlib's compression routine to overwrite an internal buffer with compressed data. This issue may require the use of uncommon or non-default compression parameters. Impact: The out-of-bounds write may result in memory corruption and an application crash...

Security advisory: Recently reported zlib compression issue impacts Qt

zlib has recently reported that it has a security issue when deflating which could cause memory corruption if the input has many distant matches. This is reported in a bit more detail here: and has been assigned the CVE id CVE-2018-25032. This has been fixed in an update to zlib 1.2.12 This affec...

openSUSE 15 Security Update : zlib (openSUSE-SU-2022:1061-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:1061-1 advisory. - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches. CVE-2018-25032 Note that...

ROS-20220329-01

A vulnerability in the zlib data compression library is related to incorrect limitation of operations within the memory buffer due to insufficient validation of user input during data compression. memory due to insufficient validation of user-entered data during data compression. Exploitation...

CVE-2018-25032

An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating ex: when compressing if the input has many distant matches. For some rare inputs with a large number of distant matches crafted payloads, the buffer into which the compressed or deflated data is written...

[SECURITY] Fedora 36 Update: openvpn-2.5.6-1.fc36

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

[SECURITY] Fedora 36 Update: libwebp-1.2.2-4.fc36

WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently...

CVE-2018-25032

zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...